Cyber Security News

Zimbra Collaboration, a popular open-source email and collaboration software, was recently discovered to include critical vulnerabilities that pose serious risks to its users.  These vulnerabilities, identified as CVE-2025-25064 and CVE-2025-25065, allow attackers to exploit the system for unauthorized access to sensitive data and internal network resources.  Zimbra has issued patches to address these flaws, and […]

The post Critical Zimbra Vulnerabilities Let Attackers Unauthorized Access to Internal Resources appeared first on Cyber Security News.

A recently disclosed vulnerability in AnyDesk, a popular remote desktop software, identified as CVE-2024-12754, enables local attackers to exploit the handling of Windows background images to gain unauthorized access to sensitive system files.  This could potentially escalate their privileges to administrative levels, posing a significant threat to system security. The vulnerability has been categorized under […]

The post PoC Exploit Released for AnyDesk Vulnerability Exploited to Gain Admin Access Via Wallpapers appeared first on Cyber Security News.

Hackers have been exploiting Google Tag Manager (GTM) to steal sensitive credit card information from eCommerce sites, particularly those built on the Magento platform. This sophisticated attack shows the evolving tactics of cybercriminals in leveraging legitimate tools for malicious purposes. Google Tag Manager is a free tool provided by Google that allows website owners to […]

The post Hackers Exploiting Google Tag Manager To Steal Credit Card From eCommerce Sites appeared first on Cyber Security News.

Linus Torvalds announced the release of Linux Kernel 6.14-rc2, the second release candidate in the 6.14 series. The release follows the usual weekly schedule and comes as a relatively small update, consistent with the overall size of the 6.14 kernel. Last week, Linux 6.14-rc1 was released, which changes half a million lines of code modifications […]

The post Linux Kernel 6.14 Released – What’s New With rc2! appeared first on Cyber Security News.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning to federal agencies regarding active exploitation of a critical Microsoft Outlook vulnerability, tracked as CVE-2024-21413. This remote code execution (RCE) flaw, discovered by Check Point researcher Haifei Li, is caused by improper input validation when processing emails containing malicious links. “Successful exploitation […]

The post Critical Microsoft Outlook Vulnerability (CVE-2024-21413) Actively Exploited in Attacks – CISA Warns appeared first on Cyber Security News.

A critical vulnerability in the popular file archiving tool 7-Zip (CVE-2025-0411) has been actively exploited in the wild, primarily targeting Ukrainian organizations, added to CISA’s known exploited vulnerability database. This flaw allows attackers to bypass Windows’ Mark-of-the-Web (MoTW) security feature, enabling the execution of malicious code. The vulnerability has been linked to cyberespionage campaigns, likely […]

The post 7-Zip Vulnerability Actively Exploited in The Wild in Attacks – CISA Adds Its Catalog appeared first on Cyber Security News.

The National Security Agency (NSA) has launched Ghidra 11.3, the latest version of its open-source software reverse engineering (SRE) framework. The National Security Agency (NSA) has developed Ghidra, a cutting-edge Software Reverse Engineering (SRE) framework designed to analyze compiled code across multiple platforms, including Windows, macOS, and Linux. This open-source tool offers disassembly, decompilation, debugging, […]

The post Ghidra 11.3 Released – NSA’s Powerful Reverse Engineering Tool appeared first on Cyber Security News.

Security analysts know the struggle: endless alerts, repetitive tasks, and not enough hours in the day. The volume of potential threats can be overwhelming, making efficient alert triage crucial for any Security Operations Center (SOC). The great news is that you don’t have to handle everything manually. By integrating cloud-based tools, automation, and AI-driven analysis, […]

The post 3 Best Ways to Speed Up Alert Triage for SOC Team – Use Cases appeared first on Cyber Security News.

Cybersecurity researchers at Palo Alto have recently uncovered a large-scale gift card scam campaign involving 276 stockpiled domains. The scam targets users by advertising free or discounted gift cards for popular services such as Google Play, Amazon, and Roblox, luring victims into divulging personal information, downloading browser extensions, or purchasing services through affiliate links. Scam […]

The post Threat Actors Offer You Free Google Play, Amazon Gift Card From 100s of Malicious Domains to Steal Data appeared first on Cyber Security News.

Less than a month after its groundbreaking launch, Chinese artificial intelligence company DeepSeek has found itself at the center of a cybersecurity storm. The company, which debuted its first AI model, DeepSeek-R1, on January 20, 2025, has been grappling with severe cyberattacks that have disrupted operations and delayed new user registrations. These attacks, involving the […]

The post Hail and Rapper Botnet is the Mastermind Behind the DeepSeek Cyberattack appeared first on Cyber Security News.

Spanish authorities, in collaboration with international agencies, have arrested a suspected hacker accused of orchestrating over 40 cyberattacks targeting critical public and private entities.  The arrest, made in Calpe, Alicante, is the result of a combined operation between Spain’s National Police and the Civil Guard.  The suspect is believed to have infiltrated the computer systems […]

The post Authorities Arrested Hacker Who Compromised 40+ Organizations appeared first on Cyber Security News.

Threat actors have been leveraging the legitimate Remote Monitoring and Management (RMM) tool, ScreenConnect, to establish persistence in their cyberattacks. This trend shows the evolving tactics of hackers who exploit trusted software to gain unauthorized access to systems. ScreenConnect, now known as ConnectWise Control, is a widely used RMM tool that allows IT teams to […]

The post Hackers Exploiting ScreenConnect RMM Tool to Establish Persistence appeared first on Cyber Security News.

Israeli spyware company Paragon Solutions has terminated its contract with Italy following allegations that its military-grade surveillance software, Graphite, was misused to target journalists and civil society members. The decision comes less than a week after WhatsApp revealed that the spyware had been deployed in a zero-click attack campaign targeting 90 individuals across two dozen […]

The post WhatsApp Zero-Click Paragon Spyware Terminates Contract with Italy appeared first on Cyber Security News.

A recent cybersecurity threat has emerged in the form of the Nova Stealer malware, a fork of the popular SnakeLogger stealer. This malware is being marketed on hacking forums under a Malware-as-a-Service (MaaS) model, making it accessible to a wide range of attackers for as little as $50 for a 30-day license. The Nova Stealer […]

The post Beware of Nova Stealer Malware Sold for $50 on Hacking Forums appeared first on Cyber Security News.

In a shocking revelation, researchers have uncovered a widespread malware campaign targeting both Android and iOS users. Dubbed “SparkCat,” this malicious operation involves apps embedded with a malicious SDK designed to steal recovery phrases for cryptocurrency wallets. The infected apps, some of which were available on Google Play and the App Store, have been downloaded […]

The post 242,000 Times Downloaded Malicious Apps from Android and iOS Stealing Crypto Recovery Keys appeared first on Cyber Security News.

A newly discovered botnet named BADBOX has been found to have infected over 190,000 Android devices, including high-end models like Yandex 4K QLED TVs. This botnet is particularly concerning due to its ability to infect devices potentially through pre-installed malware from the factory or further down the supply chain. The scale and stealth of BADBOX […]

The post BADBOX Botnet Infected Over 190,000 Android Devices Including LED TVs appeared first on Cyber Security News.

The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Linux kernel vulnerability, CVE-2024-53104, to its Known Exploited Vulnerabilities (KEV) Catalog, emphasizing its potential impact on systems worldwide. This vulnerability, classified as an out-of-bounds write issue, affects the USB Video Class (UVC) driver in the Linux kernel and could lead to privilege escalation, arbitrary […]

The post CISA Adds Actively Exploited Linux Kernel Vulnerability to Known Exploited Vuln Catalog appeared first on Cyber Security News.

Hackers have begun leveraging AI agents to validate stolen credit cards, marking a new era in the sophistication of financial fraud. This trend highlights the evolving threat landscape where technology, once seen as a tool for security, is being repurposed by malicious actors to facilitate illegal activities. The process involves using AI-powered tools to simulate […]

The post Hackers Using AI Agents To Validate Stolen Credit Cards appeared first on Cyber Security News.

The AI startup DeepSeek has gained significant attention in recent weeks for its advanced AI models, particularly the R1 reasoning model. However, this rapid rise to fame has also attracted the unwanted attention of cybercriminals, who are exploiting DeepSeek’s popularity to launch sophisticated cyber attacks. These threats include fake websites, malware distribution, and scams involving […]

The post Threat Actors Exploiting DeepSeek’s Rise To Fuel Cyber Attacks appeared first on Cyber Security News.

A new report from FortiGuard Labs reveals that Chinese hackers are actively targeting Linux devices with a sophisticated SSH backdoor dubbed ELF/Sshdinjector.A!tr. This malware, attributed to the DaggerFly espionage group, has been used in the Lunar Peek campaign since mid-November 2024, primarily targeting network appliances and IoT devices. The attack involves several malicious components working […]

The post Chinese Hackers Attacking Linux Devices With New SSH Backdoor appeared first on Cyber Security News.